bsd.own.mk: sort various lists and expressions
Sort various lists of variables.
(Manually) sort various .if expressions on platform name.
Should be no functional change, but easier to cross-check mk.conf(5).
go: update to 1.25.9 and 1.26.2 (security).
These releases include 10 security fixes following the security policy
<https://go.dev/doc/security/policy>:
- os: Root.Chmod can follow symlinks out of the root on Linux
On Linux, if the target of Root.Chmod is replaced with a symlink while
the chmod operation is in progress, Chmod could operate on the target
of the symlink, even when the target lies outside the root.
The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag,
which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its
target before acting and returns an error if the target is a symlink
lying outside the root, so the impact is limited to cases where the
target is replaced with a symlink between the check and operation.
On Linux, Root.Chmod now uses the fchmodat2 syscall when available, and
an workaround using /proc/self/fd otherwise.
[140 lines not shown]
mk.conf(5): sync with bsd.own.mk 1.1473
Sort variables in the list: MKAUTOFS, MKKERNFS, MKNLS,
Update supported platforms per bsd.own.mk changes, including using
the tested variable (MACHINE vs MACHINE_ARCH):
MKAMDGPUFIRMWARE, MKCTF, MKDTB, MKFIRMWARE, MKLIBCXX, MKPIE, MKPROFILE,
MKRELRO, MKSLJIT, MKSOFTFLOAT, MKZFS, USE_SSP, USE_XZ_SETS.
Sort platforms in: MKXORG_SERVER.
Document MKGDBSERVER.
Add NetBSD 10 and NetBSD 11 to RUMP_NBCOMPAT.
USE_SSP is also controlled by NOFORT.
Cross reference npf(7) for MKNPF.
Editorial fixes, including consistent punctuation.
Import bind-9.20.22 (previous was 9.20.18)
Notes for BIND 9.20.22
Security Fixes
Fix crash when reconfiguring zone update policy during active updates.
We fixed a crash that could occur when running rndc reconfig to change a zone's
update policy (e.g., from allow-update to update-policy) while DNS UPDATE
requests were being processed for that zone. ISC would like to thank Vitaly
Simonovich for bringing this issue to our attention. [GL #5817]
Bug Fixes
Fix intermittent named crashes during asynchronous zone operations.
Asynchronous zone loading and dumping operations occasionally dispatched tasks
to the wrong internal event loop. This threading violation triggered internal
safety assertions that abruptly terminated named. Strict loop affinity is now
enforced for these tasks, ensuring they execute on their designated threads and
preventing the crashes. [GL #4882]
Count temporal problems with DNSSEC validation as attempts.
[160 lines not shown]
xfce4-thunar: update to 4.20.8
4.20.8 (2026-03-28)
======
- Store pending column size changes on close (#1318)
- Pass current dir to catfish (#1785)
- Ignore G_IO_ERROR_NOT_SUPPORTED (#1782)
- Translation Updates:
Slovenian, Turkish